Apparently GNUPG has recently added elliptic curve support. This is really important, since the safe RSA key size (2048) is pretty big, and the verys afe RSA key size (2048) is a bit too big to be reasonable (you can't include it in a signature, for example).
Unfortunately, it looks like the OpenPGP standard specifies the NSA-produced elliptic curves. Given the recent situation with Dual_EC_DRBG, NSA-produced standards are suspect, especially with suspicious constants like the standard elliptic curves have. DJB has analyzed the available elliptic curves and recommended some that he expects to be reasonably safe at http://safecurves.cr.yp.to . Does anyone know the status on the inclusion of secure ECC in gnupg? Thanks, -- Nat
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users